IBM WebSphere Application Server Multiple Vulnerabilities
Last Update Date:
11 Aug 2020
Release Date:
7 Aug 2020
4991
Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities have been identified in IBM WebSphere Application Server, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and obtain sensitive information on the targeted system.
Impact
- Denial of Service
- Information Disclosure
System / Technologies affected
- WebSphere Application Server Liberty Continuous delivery
- WebSphere Application Server 8.5
- WebSphere Application Server 9.0
- IBM Java SDK shipped with IBM WebSphere Application Server Patterns 1.0.0.0 through 1.0.0.7
- IBM Java SDK shipped with IBM WebSphere Application Server Patterns 2.2.0.0 through 2.3.3.0
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
https://www.ibm.com/support/pages/node/6256732
https://www.ibm.com/support/pages/node/6257557
Vulnerability Identifier
- CVE-2020-2590
- CVE-2020-2601
- CVE-2020-14556
- CVE-2020-14577
- CVE-2020-14578
- CVE-2020-14579
- CVE-2020-14581
- CVE-2020-14583
- CVE-2020-14593
- CVE-2020-14621
- CVE-2020-17639
Source
Related Link
Share with